﻿using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Text;
using System.Text.RegularExpressions;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using wdss.WebServices;

namespace wdss.GUI
{
    public partial class login : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            Response.ExpiresAbsolute = DateTime.Now.AddDays(-1d);
            Response.Expires = -1500;
            Response.CacheControl = "no-cache";

            if (Session.IsNewSession)
            {
                Session.Add("loginAttempts", (object)0);
            }
            lgn_username.Focus();
            //handles the case the user go backs to the login page while logged in
            try
            {
                if ((int)Session["role"] == (int)Enumeration.Role.SystemAdministrator)
                {
                    Server.Transfer("~/GUI/SystemAdministrator.aspx");
                }
                else
                {
                    if ((int)Session["role"] != (int)Enumeration.Role.Temp)
                    {
                        Server.Transfer("~/GUI/DocumentList.aspx");
                    }
                }
            }
            catch (Exception)
            {
            }
        }

        protected void btn_login_click(object sender, EventArgs e)
        {
            LoginHandler(lgn_username.Text, lgn_password.Text);
        }

        private void LoginHandler(string username, string password)
        {
            LogService logService = new LogService();
            if (Session["loginAttempts"] == null)
            {
                Session["loginAttempts"] = (object)((int)1);
            }
            else
            {
                Session["loginAttempts"] = (object)((int)Session["loginAttempts"] + 1);
            }
            //validate password
            Regex passwordRegex = new Regex("^.*(?=.{7,100})(?=.*\\d)(?=.*[a-z])(?=.*[0-9])(?=.*[@#$\\(\\)\\*%^&+=]).*$");
            UserTransferObject user = new UserTransferObject();
            LoginService login = new LoginService();
            user = login.Login(passwordRegex, username, password);

            //if userid is found and login attempts not yet 5
            if (user.userid != 0 && ((int)Session["loginAttempts"] < 5))
            {
                //add user variables
                Session.Add("userid", user.userid);
                Session.Add("username", user.username);
                Session.Add("role", user.role);
                Session.Remove("loginAttempts");
                //decide what kind of user, check if sysadmin
                if (user.role == (int)Enumeration.Role.SystemAdministrator)
                {
                    //record login
            
                        logService.LogAction("User " + (string)Session["username"] + " has logged in as System Administrator.");
                        Server.Transfer("~/GUI/SystemAdministrator.aspx");

                }
                else
                {
                    //record login
                    logService.LogAction("User " + (string)Session["username"] + " has logged on as a standard user.");
                    Server.Transfer("~/GUI/DocumentList.aspx");
                }
            }
            else
            {
                //record failures
                if ((int)Session["loginAttempts"] >= 5)
                {
                    logService.LogAction(DateTime.Now.ToString() + ": Unknown user has exceeded their login attempts.");

                    lbl_AttemptError.Text = ("Unknown user has exceeded their login attempts.").ToString();
                    lbl_AttemptError.Visible = true;
                }
                else
                {
                    logService.LogAction("Unknown user has failed to login.\n");
                    lbl_AttemptError.Text = ("Unknown user has failed to login.").ToString();
                    lbl_AttemptError.Visible = true;
                }
            }

        }
    }
}
